[ivegotnoaccount]

If the code in question was standard code, this would not be such an issue. However, it is code that runs with all the privileges, and is therefore the one where security issues would hit the biggest. That is even more true as this code manipulates what is running on the computer, which is easy to get slightly wrong (For instance, for a long time, the LDD binary could be used to execute arbitrary code and it was therefore unsafe to run dracut with dependency resolution on unsafe binaries)

I am not saying that I am against Mozilla's transparency, especially as they were clear on this issue and said by themselves they intended to change this code before release. I'm simply explaining why some may find it either a bad faith or strong security issue.